###

###

###

###

On January 19th, 2022, President Biden signed a National Security Memorandum (NSM) to further improve the cybersecurity of the United States.  This NSM signifies a renewed focus by the administration to protect National Security Systems (NSS) within the Department of Defense and the Intelligence Community.

Memorandum Overview

The National Security Memorandum (NSM) sets the bar for Department of Defense and Intelligence Community National Security Systems (NSS), extending the requirements set forth within Executive Order 14028 of May 12, 2021 (Improving the Nation’s Cybersecurity) from solely civilian agencies to all Federal Information Systems.

This new directorate stipulates the DoD and Intelligence agencies “shall adopt National Security Systems requirements that are equivalent to or exceed the cybersecurity requirements set forth” in EO 14028.

For two decades Corsec has assisted companies through the IT security certification process for FIPS 140-2 / FIPS 140-3, Common Criteria (CC) and the DoD’s APL. We are a privately owned company focused on partnering with organizations worldwide to assist with the process of security certifications and validations. Our certification methodology helps open doors to new markets and increase revenue for clients with products ranging from mobile phones to satellites. Our broad knowledge safeguards against common pitfalls and thwarts delays, translating to a swift and seamless path to certification. Corsec has created the benchmark for providing business leaders with fast, flexible access to industry knowledge on security certifications and validations.

###

###

###

###

Corsec would like to congratulate our partner, Schweitzer Engineering Laboratories, Inc. (SEL), on completing the DoDIN APL process for their SEL-2740S, SEL-2742S, and SEL-5056 solutions. SEL partnered with Corsec to achieve this milestone and over the past year the teams worked to harden the product against security requirements for STIG testing, CAC compliance, IPv6, Information Assurance, and Interoperability testing.

For more on SEL’s listing, visit the DISA Approved Products List.

For more information on engineering your product to meet Federal and regulated industry security requirements, schedule time to speak to a Corsec engineer.

About The DoDIN APL

The DoDIN APL represents the agency’s master list of secure, trusted, and approved technology infrastructure products. The DoDIN APL was developed in an effort to maintain a single consolidated list of products that have completed Interoperability (IO) and Information Assurance (IA) / Cybersecurity (CS) certification. Getting a product included on this coveted list involves a rigorous 39-step process overseen by the Approved Products Certification Office (APCO). This laborious and often confusing process involves the submission of a series of properly completed forms and product documentation, attainment of prerequisite validations, and adherence to strict scheduling guidelines and interdependencies.

SEL specializes in creating digital products and systems that protect, control, and automate power systems around the world. This technology prevents blackouts and improves power system reliability and safety at a reduced cost. A 100 percent employee-owned company headquartered in Pullman, Washington, SEL has manufactured products in the United States since 1984 and serves customers worldwide.

For more than two decades Corsec has assisted companies through the IT security certification process for FIPS 140-2 / FIPS 140-3, Common Criteria (CC) and the DoD’s APL. We are a privately owned company focused on partnering with organizations worldwide to assist with the process of security certifications and validations. Our certification methodology helps open doors to new markets and increase revenue for clients with products ranging from mobile phones to satellites. Our broad knowledge safeguards against common pitfalls and thwarts delays, translating to a swift and seamless path to certification. Corsec has created the benchmark for providing business leaders with fast, flexible access to industry knowledge on security certifications and validations.

###

Corsec would like to congratulate our partner, Keeper Security Inc., on completing the Federal Information Processing Standard Publication 140-2 (FIPS 140-2) validation on their Keeper Security Cryptographic Module.

To achieve this milestone, Keeper partnered with Corsec, completing a Level 1 validation as seen in certificate #3976. For more information on the validation and to find additional details on the Crypto Module security policy, visit NIST’s validated modules site.

For more information on engineering your product to meet Federal and regulated industry security requirements, schedule time to speak to a Corsec engineer.

About FIPS 140-2

FIPS 140-2 / FIPS 140-3 are a joint effort by the National Institute of Standards and Technology (NIST) in the United States and the Communications Security Establishment Canada (CSEC), under the Canadian government. The Cryptographic Module Validation Program (CMVP), headed by NIST, provides module and algorithm testing for FIPS 140, which applies to Federal agencies using validated cryptographic modules to protect sensitive government data in computer and telecommunication systems. FIPS 140 provides stringent third-party assurance of security claims on any product containing cryptography that may be purchased by a government agency.

FIPS, which is mandated by law in the U.S. and very strictly enforced in Canada, is also currently being reviewed by ISO to become an international standard. FIPS 140 has gained worldwide recognition as an important benchmark for third party validations of encryption products of all kinds. A FIPS 140 validation of a product provides end users with a high degree of product security, assurance, and dependability.

Keeper Security Inc. is a leader in the cybersecurity filed, creators of a leading platform for preventing password-related data breaches and cyberthreats. For more, visit the Keeper website here.

For two decades Corsec has assisted companies through the IT security certification process for FIPS 140-2 / FIPS 140-3, Common Criteria (CC) and the DoD’s APL. We are a privately owned company focused on partnering with organizations worldwide to assist with the process of security certifications and validations. Our certification methodology helps open doors to new markets and increase revenue for clients with products ranging from mobile phones to satellites. Our broad knowledge safeguards against common pitfalls and thwarts delays, translating to a swift and seamless path to certification. Corsec has created the benchmark for providing business leaders with fast, flexible access to industry knowledge on security certifications and validations.

###